1. Field of the Invention
The present invention relates to a network system and a method to limit, in a network system consisting of a plurality of computer systems with communication lines, the execution of transaction commands given from one to another of the plurality of computer systems.
2. Description of the Related Art
In a network system consisting of a plurality of computer systems connected via a wide area network or the like, for instance, decentralized data management system, computer systems are often installed correspondingly to groups using the respective computer systems. The xe2x80x9cgroupxe2x80x9d in this context may be a group of any size, ranging from a large organization such as a corporation to a small one such as a department or a section in a corporation. Conceivable ways of being xe2x80x9cinstalled corresponding to groupsxe2x80x9d include installation of one computer system for each group, installation of one computer system for a plurality of groups, and installation of a plurality of computer systems for one group.
In such a network system, where information registered with the computer system of one group is to be referenced and updated from the computer system of another group, if every operator is allowed to perform such a transaction with no limitation at all, the reliability of data stored on the network may be hurt if any operator updates or otherwise manipulates any data wrongly either intentionally or by mistake.
Therefore, to avoid such trouble, it is necessary to supplement each transaction command with authority information indicating which operator may execute that particular transaction command.
Incidentally, conceivable methods to attach authority information to transaction commands include having each computer system manage authority information on operators of all the groups. This method, however, presupposes that all computer systems possess data needed for authorization of operations (hereinafter called xe2x80x9cauthorization dataxe2x80x9d), and accordingly if authorization data possessed by one computer system is augmented or altered, that augmentation and alternation will have to be reflected in all other computer systems. Therefore, this method requires communication to have the augmentation and alteration reflected in the other computer systems, resulting in a problem of consuming more of system resources and thereby inviting a drop in the overall system performance.
Methods according to the prior art for setting program execution authority (authority for command use) in a network system include one to control execution of transaction jobs on a group-by-group basis in a plurality of computer systems, which is disclosed in the Japanese Patent Application Laid-Open No. Hei 7-219899. However, the technique disclosed by this patent application requires that, where a group authorized to execute transaction jobs is to be registered with an execution authority library, the registration is classified by the computer ID. It also requires setting of information on the opposite computer to be authorized for execution, type of authorization and the like for each set of program data, resulting in complexity of operation.
An object of the present invention, therefore, is to provide network system and a method capable of limiting the execution of transaction commands entered from one computer system to another without requiring communication to achieve identify authorization data held by the computer systems.
According to an aspect of the present invention, there is provided a network system including a first computer system, a second computer system, and communication lines to connect the first and second computer systems,
the first computer system comprising:
a first memory for storing a first set of authorization data including information on matching between an operator and a group the operator belongs to, and information on matching between a group and commands authorized for operators belonging to the group to execute;
a first authorization unit for referencing, when a command to be executed by the second computer system is entered by an operator, the first set of authorization data and judging whether or not the operator is to be authorized to execute the command; and
a first execution unit for augmenting, if the first authorization unit judges that the operator is to be authorized to execute the command, the command with information to identify the group to which the operator belongs, and transmitting the augmented command to the second computer system as a request from the group to execute the command; and
the second computer system comprising:
a second memory for storing a second set of authorization data including information on matching between a group and commands authorized for execution in response to an execution request from the group;
a second authorization unit for referencing, when the command is received from the first computer system, the second set of authorization data and judging whether or not the command is to be authorized for execution in response to the execution request from the group whose command is augmented with identifying information; and
a second execution unit for executing the command, if the second authorization unit judges that the command is to be authorized for execution, in response to the execution request from the group.
According to another aspect of the present invention, in the foregoing network system,
the second set of authorization data further includes information on matching between a group and data to which access is to be authorized in response to the execution request from the group;
the second authorization unit references the second set of authorization data and judges whether or not the data to be accessed by the command are to be allowed access to in response to the request from the group whose command is augmented with identifying information; and
the second execution unit, if the second authorization unit judges that the data may be allowed access to in response to the request from the group, executes the command.
According to still another aspect of the present invention, in the foregoing network system,
the first execution unit further augments the command with operator identifying information and transmits it to the second computer system;
the second memory further stores a list of unauthorized operators matching commands and operators unauthorized to execute the respective commands;
the second authorization unit refers to the list of unauthorized operators and judges whether or not the operator whose command is augmented with identifying information is to be authorized to execute the command; and
the second execution unit, if the second authorization unit judges that the operator is not be authorized to execute the command, does not execute the command.
According to still another aspect of the present invention, there is provided a method to limit the execution of commands, comprising:
a first registration step to register with a first computer system a first set of authorization data including information on matching between an operator and a group the operator belongs to, and information on matching between a group and commands authorized for operators belonging to the group to execute;
a second registration step to register with a second computer system a second set of authorization data including information on matching between a group and commands authorized for execution in response to an execution request from the group;
a first authorization step to reference, when a command to be executed by the second computer system is entered by an operator into the first computer system, the first set of authorization data and to judge whether or not the operator is to be authorized to execute the command; and
a first execution step to augment, if it is judged at the first authorization step that the operator is to be authorized to execute the command, the command with information to identify the group to which the operator belongs, and to transmit the augmented command from the first computer system to the second computer system as a request from the group to execute the command; and
a second authorization step to reference, when the second computer system receives the command from the first computer system, the second set of authorization data and to judge whether or not the command is to be authorized for execution in response to the execution request from the group whose command is augmented with identifying information; and
a second execution step to have the command executed by the second computer system, if it is judged at the second authorization step that the command is to be authorized for execution, in response to the execution request from the group.
According to still another aspect of the present invention, in the foregoing method,
the second set of authorization data further includes information on matching between a group and data to which access is to be authorized in response to the execution request from the group;
at the second authorization step it is judged whether or not the data to be accessed by the command are to be allowed access to in response to the request from the group whose command is augmented with identifying information; and
at the second execution step, if it is judged at the second authorization step that the data may be allowed access to in response to the request from the group, the command is executed.
According to still another aspect of the present invention, in the foregoing method,
at the first execution step, the command is further augmented with operator identifying information and transmitted to the second computer system;
at the second registration step, a list of unauthorized operators matching commands and operators unauthorized to execute the respective commands is further registered;
at the second authorization step, the list of unauthorized operators is referenced, and it is judged whether or not the operator whose command is augmented with identifying information is to be authorized to execute the command; and
at the second execution step, if it is judged at the second authorization step that the operator is not be authorized to execute the command, the command is not executed.
According to still another aspect of the present invention, there is provided a storage medium recording thereon a program enabling:
a first computer system to execute first registration processing to register a first set of authorization data including information on matching between an operator and a group the operator belongs to, and information on matching between a group and commands authorized for operators belonging to the group;
a second computer system to execute second registration processing to register a second set of authorization data including information on matching between a group and commands authorized for execution in response to an execution request from the group;
the first computer system to execute first authorization processing to reference, when a command to be executed by the second computer system is entered by an operator, the first set of authorization data and to judge whether or not the operator is to be authorized to execute the command;
the first computer system to execute first execution processing to augment, if it is judged by the first authorization processing that the operator is to be authorized to execute the command, the command with information to identify the group to which the operator belongs, and to transmit the augmented command to the second computer system as a request from the group to execute the command;
the second computer system to execute second authorization processing to reference, when the command is received from the first computer system, the second set of authorization data and to judge whether or not the command is to be authorized for execution in response to the execution request from the group whose command is augmented with identifying information; and
the second computer system to execute second execution processing to execute the command, if it is judged by the second authorization processing that the command is to be authorized for execution, in response to the execution request from the group.
According to still another aspect of the present invention, in the foregoing recording medium,
the second set of authorization data further includes information on matching between a group and data to which access is to be authorized in response to the execution request from the group;
by the second authorization processing it is judged whether or not the data to be accessed by the command are to be allowed access to in response to the request from the group whose command is augmented with identifying information; and
by the second execution processing, if it is judged by said second authorization processing that the data may be allowed access to in response to the request from the group, the command is executed.
According to still another aspect of the present invention, the foregoing recording medium,
in the first execution processing, the command is further augmented with operator identifying information and transmitted to the second computer system;
in the second registration processing, a list of unauthorized operators matching commands and operators unauthorized to execute the respective commands is further registered;
in the second authorization processing, the list of unauthorized operators is referenced, and it is judged whether or not the operator whose command is augmented with identifying information is to be authorized to execute the command; and
in the second execution processing, if the second authorization unit judges that the operator is not be authorized to execute the command, the command is not executed.